Culinary Services of America Breach Exposes Social Security Numbers

On March 3, 2025, Culinary Services of America, a staffing and recruiting company specializing in the food service and hospitality industry, experienced a data breach. The incident began when a phishing email was sent to one of the company’s employees. According to the company’s investigation, an unauthorized actor was able to access certain personal information on the same day.

The types of consumer information exposed included first and last names in combination with Social Security numbers—both of which are considered personally identifiable information (PII). No protected health information (PHI) was reported as involved in this breach.

The breach affected at least three individuals in Massachusetts, as reported to the Massachusetts Attorney General on May 8, 2025 and the California Attorney General on May 9, 2025.

The severity of this breach is notable due to the sensitive nature of the information accessed. Social Security numbers, when combined with names, can be used for identity theft and other types of fraud. The breach was the result of a phishing attack, which underscores the importance of ongoing cybersecurity awareness and training for all employees. The unauthorized access was limited to information stored by Culinary Services of America, and there is currently no indication that the data was widely disseminated, but the risk of misuse remains.

Culinary Services of America's response

After discovering the breach, Culinary Services of America took immediate steps to secure its systems and prevent further unauthorized access. The company engaged outside cybersecurity specialists and retained cyber legal counsel to investigate and determine the scope of the incident. As part of its response, Culinary Services of America is offering affected individuals complimentary credit monitoring, a single bureau credit report, and a single bureau credit score for twenty-four months from the date of enrollment. These services are provided through CyberScout, a TransUnion company specializing in fraud assistance and remediation.

If you believe you may have been affected, it is important to remain vigilant. Regularly review your credit reports and account statements for any suspicious activity or errors. If you notice anything unusual, promptly contact your financial institution. Culinary Services of America has also provided proactive fraud assistance and detailed instructions for enrolling in credit monitoring services. The company recommends that affected individuals consider placing a fraud alert or credit freeze with the major credit bureaus to further protect against identity theft.

For questions or assistance, affected individuals can contact the dedicated assistance line at 833-998-6180, available Monday through Friday from 8:00 a.m. to 8:00 p.m. Eastern time (excluding major U.S. holidays). Detailed information about steps you can take to help protect your information is included in the official notice to consumers, which is available as a PDF at the bottom of this article’s page.

For more information about the company, visit Culinary Services of America’s website.